There are two primary components involved in securing a Web Service method:
/atg/webservice/security/NucleusSecurityManager
(an instance ofatg.webservice.NucleusSecurityManager
) uses the security configuration associated with the Web Service to apply the corresponding security policy and ACL, to determine whether to grant or deny access./atg/webservice/security/NucleusSecurityRepository
(an instance ofatg.adapter.gsa.GSARepository
) stores the Web Service security configurations used by theNucleusSecurityManager
.
NucleusSecurityManager
At startup time, the NucleusSecurityManager
retrieves the repository items from the NucleusSecurityRepository
(described below) and creates an internal mapping between each functional name and the SecurityPolicy
component and ACL associated with it.
When a client calls a Web Service, the service invokes the hasAccess()
method on the /atg/webservice/security/NucleusSecurityManager
component, passing it the functional name of the service’s security configuration, the name of the Nucleus component and method exposed by the service, and a Map containing the method’s parameters. The NucleusSecurityManager
uses the functional name to find the associated SecurityPolicy
component and ACL, applies them to the call, and returns the result (true
or false
) to the client. If true
is returned, the Nucleus method exposed by the Web Service is invoked; if false
is returned, access to the method is denied, and an exception of class atg.security.SecurityException
is thrown.
If the NucleusSecurityManager
is unable to apply the security configuration to a Web Service call (for example, if the SecurityPolicy
is not valid), it determines whether to grant access based on the value of its defaultGrantAccess
property. The default value of this property is false
(deny access).
Setting defaultGrantAccess
to true
facilitates the development process, because it allows any Web Service that does not have an associated security configuration to be called by any client.
For deployment purposes, though, this behavior is undesirable, because of the security risks involved. Therefore, when you enable liveconfig
settings for the Oracle ATG Web Commerce platform, the defaultGrantAccess
property is set to false
. Note, however, that this means that each of your Web Services must have an associated security configuration, because any call to a service without a security configuration will fail.
For information about enabling liveconfig
settings, see the ATG Installation and Configuration Guide.
NucleusSecurityRepository
Web Service security configurations are stored in the NucleusSecurityRepository
. This repository includes a single item descriptor called nucleusSecurity
, which has properties called functionalName
, policy
, and ACL
. The NucleusSecurityManager
parses the items in this repository at startup time.
The Web Services Administration interface provides an easy way to add new security configurations to this repository. See the next section for details.